Message from the Chair
Wow, it is hard to believe that it has already been over 3 months since the annual conference! I hope everyone has been able to continue leveraging the knowledge gained and the relationships formed or strengthened at the conference to empower your local security communities and beyond.
CVSS v4.0 is now available
In June 2023, attendees at the 35th Annual FIRST Conference, in Montréal, Canada got a first-look preview of the new version of the Common Vulnerability Scoring System (CVSS), version 4.0. After two month of public comment followed by two months of addressing those comments, FIRST is proud to announce the official publication of CVSS version 4.0.
November 1st, 2023 – Critical in the interface between supplier and consumer, CVSS provides a way to capture the principal characteristics of a security vulnerability and produces a numerical score reflecting its technical severity to inform and provide guidance to businesses, service providers, government, and the public.
The Board in Oslo
The first meeting of the board, post annual conference, has, in the past, been the time when the next year’s plans are reviewed, responsibilities are discussed and the budget and business plans are initiated.
We changed the 2022 and 2023 Conference program so we could hold the AGM earlier in the week – this year we did the AGM at the start of the week. This enabled the new board to meet with its new membership during the conference – allowing us to start much of the preparation work earlier.
Migrating to the new FIRST SSO
Since 2020 the FIRST infrastructure team has run an identity provider (IdP), referred to as FIRST SSO, to secure and control access to FIRST services. This system is used for members, volunteers, event attendees, guests, the board of directors, and the operations team.
There are currently over thirty services, including: FIRST Portal, Slack, Wiki, MISP, API, eVoting, many administrative tools, as well as the recently added Capture the Flag and Learning platforms that leverage FIRST SSO.
SIG
The Special Interest Groups are fairly busy, here is what is going on with some of them right now:
- AI Security SIG meets once per week (intensive cadence) – one or two talks per week. Talks are usually being recorded and automatically transcribed All things are in the wiki.
They are exploring AI (currently mostly LLMs) for defenders (e.g. which new tools can defenders use), for attackers as well as other misc. aspects of AI - The Automation SIG is meeting with an interval of once per month. They are progressing in creating a document for publication
On the Road to Fukuoka / Call for presentation
FIRSTCON24: Bridging Security Response Gaps
Save the Date!
Get ready to join us for the 2024 FIRST Annual Conference, June 9-14 in Fukuoka, Japan! The information website is available and online registration opening will be in November. For those interested in submitting a presentation, please keep the following dates in mind:
- Call for Speakers Open: October 31, 2023
- Call for Speakers Close: November 30, 2023
- Acceptance Notifications: February 12-29, 2024
For more details see here
If you have any questions or wish to speak to someone about conference sponsorship opportunities, please contact [email protected].
New Teams Members: August, September, October
This quarter, 3 new Liaisons and 19 Teams joined as members: from Europe (14), APAC (3), LATAM (3), North America (2).
Upcoming Events
Open Cyber Security Conference
February 26-March 1, 2024
Tenerife, Spain
Amsterdam 2024 FIRST Technical Colloquium
March 5-7, 2024
Amsterdam, Netherlands
Hosted by Human Security, LinkedIn
2024 Cyber Threat Intelligence Conference
April 15-17, 2024
Berlin, Germany
Mercure Hotel MOA Berlin
36th Annual FIRST Conference
June 9-14, 2024
Fukuoka, Japan
Visit our event calendar for a full list of the many meetings and activities on the horizon and learn how to register for each.
0 Comments